Home > Competitiveness > Technology, R&D and Innovation > OECD: Tracking and tracing COVID: Protecting privacy and data while using apps and biometrics

21st April 2020

OECD: Tracking and tracing COVID: Protecting privacy and data while using apps and biometrics

Key recommendationsDigital technologies providepowerful tools forgovernments in their fight to control the COVID-19 pandemic,but their privacy and data protection implications must be recognised. Contact-tracing apps should be implemented with full transparency, in consultation with major stakeholders, robust privacy-by-design protections, and through open source projects (where appropriate). Governments should consider:The legal basis of the use of these technologies, which varies according to the type of data collected(e.g. personal,sensitive,pseudonymised,anonymised,aggregated,structuredorunstructured).Whether the use of these technologies and the subsequent data gathering is proportionate, and consider how the data is stored, processed, shared and with whom (including what security andprivacy-by-design protocols are implemented).The quality of the data collected and whether it is fit for purpose.Whether the public is well-informed and the approaches adopted are implemented with full transparencyand accountability.The time period within which more invasive technologies that collect personal data may be used to combat the crisis.Data should be retained only for so long as is necessary to serve the specific purpose for which it was collected.Key recommendations

Digital technologies providepowerful tools forgovernments in their fight to control the COVID-19 pandemic,but  their  privacy  and  data  protection  implications  must  be  recognised. Contact-tracing  apps  should  be implemented with full transparency, in consultation with major stakeholders, robust privacy-by-design protections, and through open source projects (where appropriate). Governments should consider:

The legal basis of the use of these technologies, which varies according to the type of data collected(e.g. personal,sensitive,pseudonymised,anonymised,aggregated,structuredorunstructured).

Whether the use of these technologies and the subsequent data gathering is proportionate, and consider how the data is stored, processed, shared and with whom (including what security andprivacy-by-design protocols are implemented).

The quality of the data collected and whether it is fit for purpose.

Whether the public is well-informed and the approaches adopted are implemented with full transparencyand accountability.

The time period within which more invasive technologies that collect personal data may be used to combat the crisis.Data should be retained only for so long as is necessary to serve the specific purpose for which it was collected.

Share
Linkedin Linkedin Google+ Google+

Similar articles


Recently added articles

19th September 2024

AmCham annual Macroeconomic Outlook: More return on Government spending needed

Share
Linkedin Google+

10th September 2024

Mondelēz promotes innovation, invests $58MM in Opava

Share
Linkedin Google+

27th August 2024

ExxonMobil Global Outlook: Our view to 2050

Share
Linkedin Google+

Members of the American Chamber of Commerce in the Czech Republic

AV MEDIA SYSTEMS, a.s. BNP PARIBAS S.A., pobočka Česká republika BD GE Aerospace s.r.o. Mondelez Czech Republic s.r.o.